Class: Mumukit::Auth::Token

Inherits:

Object

• Object
• Mumukit::Auth::Token

Defined in:

lib/mumukit/auth/token.rb

Instance Attribute Summary

• #client ⇒ Object readonly

  Returns the value of attribute client.

• #jwt ⇒ Object readonly

  Returns the value of attribute jwt.

Class Method Summary

• .decode(encoded, client = Mumukit::Auth::Client.new) ⇒ Object
• .decode_header(header, client = Mumukit::Auth::Client.new) ⇒ Object
• .encode(uid, metadata, client = Mumukit::Auth::Client.new) ⇒ Object
• .encode_header(uid, metadata) ⇒ Object
• .extract_from_header(header) ⇒ Object
• .from_rack_env(env) ⇒ Object

Instance Method Summary

• #encode ⇒ Object
• #initialize(jwt, client) ⇒ Token constructor

  A new instance of Token.

• #metadata ⇒ Object
• #uid ⇒ Object
• #verify_client! ⇒ Object

Constructor Details

#initialize(jwt, client) ⇒ Token

Returns a new instance of Token.

# File 'lib/mumukit/auth/token.rb', line 5

def initialize(jwt, client)
  @jwt = jwt
  @client = client
end

Instance Attribute Details

#client ⇒ Object (readonly)

Returns the value of attribute client.

# File 'lib/mumukit/auth/token.rb', line 3

def client
  @client
end

#jwt ⇒ Object (readonly)

Returns the value of attribute jwt.

# File 'lib/mumukit/auth/token.rb', line 3

def jwt
  @jwt
end

Class Method Details

.decode(encoded, client = Mumukit::Auth::Client.new) ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 34

def self.decode(encoded, client = Mumukit::Auth::Client.new)
  new client.decode(encoded), client
rescue JWT::DecodeError => e
  raise Mumukit::Auth::InvalidTokenError.new(e)
end

.decode_header(header, client = Mumukit::Auth::Client.new) ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 44

def self.decode_header(header, client = Mumukit::Auth::Client.new)
  decode extract_from_header(header), client
end

.encode(uid, metadata, client = Mumukit::Auth::Client.new) ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 30

def self.encode(uid, metadata, client = Mumukit::Auth::Client.new)
  new({aud: client.id, metadata: metadata, uid: uid}, client).encode
end

.encode_header(uid, metadata) ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 40

def self.encode_header(uid, metadata)
  'Bearer ' + encode(uid, metadata)
end

.extract_from_header(header) ⇒ Object

Raises:

• (Mumukit::Auth::InvalidTokenError)

# File 'lib/mumukit/auth/token.rb', line 48

def self.extract_from_header(header)
  raise Mumukit::Auth::InvalidTokenError.new('missing authorization header') if header.nil?
  header.split(' ').last
end

.from_rack_env(env) ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 26

def self.from_rack_env(env)
  new(env.dig('omniauth.auth', 'extra', 'raw_info') || {})
end

Instance Method Details

#encode ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 22

def encode
  client.encode jwt
end

#metadata ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 10

def metadata
  @metadata ||= jwt['metadata'] || {}
end

#uid ⇒ Object

# File 'lib/mumukit/auth/token.rb', line 14

def uid
  @uid ||= jwt['uid'] || jwt['email'] || jwt['sub']
end

#verify_client! ⇒ Object

Raises:

• (Mumukit::Auth::InvalidTokenError)

# File 'lib/mumukit/auth/token.rb', line 18

def verify_client!
  raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if client.id != jwt['aud']
end